1. Field of the Invention
The disclosure relates generally to systems and methods for managing storage devices, and, more particularly to systems and methods for managing storage devices, wherein a password authentication mechanism is applied to at least one hidden area of a storage device.
2. Description of the Related Art
With electronic devices, such as computers or portable devices, being popular, digital data has become a major data recording type for the devices due to the increased convenience of digital data. Digital data is always embodied in a data carrier, such as a storage device. The data carrier may vary according to different requirements and applications.
Generally, the microcontroller of the storage device having a flash memory, such as Secure Digital (SD) cards, micro SD cards, and Universal Serial Bus (USB) disks may have a function to divide the storage area of the storage device. For example, the storage area of a micro SD/SD card may be divided into a public area and a hidden area. In addition to the public area and the hidden area, the USB disk may be further divided into a DVD-ROM area and a secure area. The public area is accessible for general consumers. General consumers can read/write data in the public area at will. The hidden area cannot be accessed by general consumers, and the data stored in the hidden area cannot be read and displayed via a card reader. Generally, the hidden area can store secret/secure data, such as unique identification (UID) of the card, keys for encryption/decryption algorithms, rights object of digital right management (DRM), and others, which is not expected to be known by consumers. The DVD-ROM area is read only and designed for computer applications, wherein an auto-run program or content can be stored in the DVD-ROM area, such that the program or content can be automatically executed or played back when the USB disk is coupled to a computer. The secure area can store personal data of consumers, wherein consumers need an account and/or password in order to enter the area.
The division of storage area is performed using initialization firmware provided by a microcontroller company during the initialization procedure for cards, such that a card manufacturer can create and read/write hidden areas. When the card manufacturer wants to grant access right of the hidden area to a purchasing company, such as a digital content company or a mobile payment company, library/machine codes compiled under a specific operating system must be provided to the purchasing company.
Generally, since consumers cannot read the data in the hidden area without the library, the data in the hidden area is secure. However, a microcontroller company may provide microcontrollers to several card manufacturers, and a card manufacturer may provide cards to several purchasing companies. Since the library for accessing the hidden area is generated from the same initialization firmware, proprietary data stored in the hidden area for a purchasing company, such as a specific digital content company, may be known by another company, thereby placing business and technical security measures of the specific digital content company at risk. Such risks are compounded for the specific digital content company as the card manufacturer also has the library for accessing the hidden area.